"Greedy" Microsoft DNS + Active Directory

William Stacey [MVP] staceyw at mvps.org
Sun Jun 30 15:31:32 UTC 2002

"David Carmean" <dlc at halibut.com> wrote in message
news:affk4l$3j7i$1 at isrv4.isc.org...
> A Win2K box ("client") registers itself in the "lab.example.com" AD
domain.  After
> that, if you query the "lab" AD DNS server for "client.lab.example.com",
> get an authoritative answer as (sort of) expected (even though the "real"
> hostname is "client.example.com").

By "real" hostname, do you mean the Host Name + the Primary DNS Suffix
(using ipconfig /all?)  Or do you mean real by virtue of what you put in the
example.com zone?

> But also, if you query "ns.hq.example.com" for "client.hq.example.com",
> you get an authoritative answer for the same IP address.  Same thing
> happens if you ask "ns.inttest.example.com" for
> In essence, all the Microsoft nameservers are saying "Mine!", "No, Mine!",
> "Mine Too!".  Thus negating any benefit of the heirarchical AD domain name
> space.  I.e. we're back to a single, flat namespace for all Windoze

I don't think this is a server issue, but a client devolution issue.
Standard devolution on the windows client will strip off the left most
subdomains until only a second level domain is left.  Are you sure your not
getting the reply/IP from "client.example.com" ?  Also dig or nslookup into
the inttest.example.com domain and see if you have a "client" A record.
Send an ipconfig /all of the client and dns server if that does not help.

William Stacey, MCSE
Windows Server MVP

More information about the bind-users mailing list